Security Vulnerability Report
Severity: High
Reporter: pratheep-bit
Date: 2026-06-18
Summary
Any authenticated user can create Customer master records regardless of their assigned role, causing data corruption and polluting the CRM module.
Root Cause
The customer creation pathway allows document insertion with ignore_permissions=True or lacks proper role-based permission validation, enabling users without Customer creation privileges to inject records into the system.
Impact
- Data corruption: Unauthorized users can create fraudulent or incorrect Customer records, polluting master data.
- CRM pollution: Fake or duplicate customer records degrade data quality, affecting sales workflows, reporting, and analytics.
- Audit trail contamination: Unauthorized record creation makes it harder to maintain reliable audit trails for compliance (SOX, GDPR).
- Downstream financial impact: Incorrect Customer records can lead to erroneous invoicing, payment allocation, and accounts receivable reporting.
Recommended Fix
Add frappe.has_permission("Customer", "create", throw=True) validation before allowing Customer document creation. Ensure all code paths that create Customer records respect the Frappe permission framework.
Discovered during ERPNext security audit
Security Vulnerability Report
Severity: High
Reporter: pratheep-bit
Date: 2026-06-18
Summary
Any authenticated user can create Customer master records regardless of their assigned role, causing data corruption and polluting the CRM module.
Root Cause
The customer creation pathway allows document insertion with
ignore_permissions=Trueor lacks proper role-based permission validation, enabling users without Customer creation privileges to inject records into the system.Impact
Recommended Fix
Add
frappe.has_permission("Customer", "create", throw=True)validation before allowing Customer document creation. Ensure all code paths that create Customer records respect the Frappe permission framework.Discovered during ERPNext security audit